logauth
/
SMMP
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Manage TreeToken.parent + TreeToken.child

This commit is contained in:
xdrm-brackets 2017-10-27 18:02:11 +02:00
parent 4e99d042ab
commit 63fa7eb5a0
1 changed files with 47 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
public_html/index.php
View File

@ -7,6 +7,12 @@
use \api\core\Response;
use \database\core\DatabaseDriver;
use \api\core\AuthSystemDefault;
use \token\core\TreeToken;
use \log\core\Log;
$page_log = Log::get('router');
$session_guard = new TreeToken(1000);
/*******************************************/
@ -73,6 +79,12 @@
});
/* (3) Si ....css.map n'existe pas ne cherche pas */
$R->get('(.+).css.map', function($matches){
die();
});
/* (3) On cree les regles de routage QUAND ON EST CONNECTE
@ -80,33 +92,36 @@
/* (2) Si on est connecté */
if( $auth == 2 ){
// logout from admin
$R->get('logout/?', function(){
$GLOBALS['page_log']->log('admin.logout');
$GLOBALS['session_guard']->init_parent();
$_SERVER['REQUEST_METHOD'] = 'POST';
$req = new Request('authenticationDefault/admin', ['username' => '-', 'password' => '']);
$res = $req->dispatch();
header('Location: /');
});
// nomPage/arg1/arg2 -> inclusion de la page
$R->get('(.*)', function($m){
// Liste des pages du site
// nomPage/arg1/arg2 -> page correcte
$page_list = [ 'history', 'profile', 'machines', 'users', 'groups', 'options', 'settings' ];
$R->get('((?:'.implode('|', $page_list).')(?:/[\w-]+)*/?)', function($m){
$GLOBALS['page_log']->log("admin.page(/${m[0]})");
$GLOBALS['session_guard']->init_parent();
if( !preg_match('#^(?:'.implode('|', $page_list).')(?:/[\w-]+)*/?$#i', $m[0]) )
header(__REDIRECT__);
else
include __PUBLIC__.'/view/view.php';
});
/* (3) Si on est pas authentifié */
/* (3) Si on est pas admin, juste warehouse */
}else if( $auth == 1 ){
// warehouse logout
$R->get('logout/?', function(){
$GLOBALS['page_log']->log('warehouse.logout');
$GLOBALS['session_guard']->init_parent();
$_SERVER['REQUEST_METHOD'] = 'POST';
(new Request('authenticationDefault/warehouse', ['name' => '---', 'password' => '']))->dispatch();
header('Location: /');
@ -114,16 +129,22 @@
// admin login page
$R->get('(.*)', function($m){
if( !preg_match('#^admin/$#', $m[0]) ) header(__REDIRECT__);
else include __PUBLIC__.'/view/admin.php';
$R->get('admin/?', function(){
$GLOBALS['page_log']->log('admin.login_page');
$GLOBALS['session_guard']->init_parent();
include __PUBLIC__.'/view/admin.php';
});
/* (4) Si on est pas co */
}else{
$R->get('(.*)', function($m){
if( !preg_match('#^warehouse/$#', $m[0]) ) header(__REDIRECT__);
else include __PUBLIC__.'/view/warehouse.php';
// warehouse login page
$R->get('warehouse/?', function(){
$GLOBALS['page_log']->log('warehouse.login_page');
$GLOBALS['session_guard']->init_parent();
include __PUBLIC__.'/view/warehouse.php';
});
}
@ -133,20 +154,25 @@
/* (4) api/module/method -> Api */
$R->post('api(?:(/.*))/?', function($url){
$GLOBALS['page_log']->log('api.call('.$_SERVER['HTTP_X_TREE_TOKEN'].')');
header('Content-Type: application/json; charset=UTF-8');
if( !$GLOBALS['session_guard']->init_child() )
die(json_encode([ 'error' => 100, 'ErrorDescription' => 'session_guard.child error' ]));
$request = Request::remote($url[0]);
$answer = $request->dispatch();
// Si c'est une réponse (et non un download)
if( $answer instanceof Response ){
header('Content-Type: application/json; charset=UTF-8');
if( $answer instanceof Response )
echo $answer->serialize();
}
});
/* (6) N'importe -> page d'accueil */
$R->get('.+', function(){ header(__REDIRECT__); });
$R->post('.+', function(){ header(__REDIRECT__); });
$R->get('.*', function(){ $GLOBALS['page_log']->log('get.redirect'); $GLOBALS['session_guard']->init_parent(); header(__REDIRECT__); });
$R->post('.*', function(){ $GLOBALS['page_log']->log('post.redirect'); header(__REDIRECT__); });